Ask stories

I'll be here for the rest of the day. As usual, there are countless immigration-related topics to discuss and I'll be guided by whatever you're concerned with. Please remember that I can't provide legal advice on specific cases because I won't have access to all the facts. Please stick to a factual discussion in your questions and comments and I'll try to do the same in my answers.

Previous threads we've done: https://news.ycombinator.com/submitted?id=proberts.

COBOL legacy systems in finance and government are somewhat of a meme. However, I've never actually met a single person who's day job is to maintain one. I'd be curious to learn what systems are you working on?

Status page is, as expected, all green, but anyone noticing anything unusual? Services on cloud run timing out for me.

Does OpenAI wipe out API balance if you're not using for a few month(s)? I had some balance of actual money paid via credit card that I had not used for few months. I went yesterday and the balance was showing as $0.0 . I'm 100% sure I did not use it up.

Again, this was not free credits which I'm totally sure has an expiry, but this was paid by me via my credit card, so not sure what gives.

If so, this does not make sense. Has anyone else noticed this or was it some sort of anomaly at my end. Happy to give OpenAI benefit of doubt.

Since mozilla announced the sunsetting of pocket, I started looking for alternatives, including building a light version for my personal use. But nothing came out of my research.

What options are there and how are you transitioning?

I’m looking for opportunities to learn a BSD OS. Would love to connect :)

Ok, I have a work account on Gmail. Having the experience of being locked out of Gmail previously (endless loop of "You are entering the correct password but we're not sure that it is you, try again later"), I created a 2fa via Google Authenticator and set up Backup Codes and thought I'm safe from them asking me to sign in on another device or enter sms code (I don't carry that phone with me).

So, one sunny day I decided to add standard iOS mail app to this account, and lo, an hour after connection I get a message, that due to strange activity on my account, I need to enter code sent via sms.

Ok, I don't have that phone with me, so I try to log in with Authenticator, and no, no good: 'we are not sure that it is you, enter code sent to sms'. Ok, I dig backup codes, enter them, and still get 'we are not sure what it is you' message.

What's even the point of allowing to set up Authenticator or Backup Codes if they don't do anything?

If there are some people from Google reading this, please, don't reach out to me offering to help. Just change this dumb system.

I started to track my Cursor usage via https://cursor.com/dashboard?tab=usage.

The pricing and usage of tokens hugely changed recently. To test I gave a simple task to Cursor which would use a 192 line swift code, including comments. This file has 1213 tokens according to https://platform.openai.com/tokenizer .

Here is my prompt: "There is a bug when i click on a raw it plays the audio and it deletes it afterwards, even though without clicking the delete button."

The Cursor dashboard says it used 269,738 tokens, and records to usage accordingly. I am a pro plan user.

Is there anyone else having similar issues?

What I’m asking HN:

What does your actually useful local LLM stack look like?

I’m looking for something that provides you with real value — not just a sexy demo.

---

After a recent internet outage, I realized I need a local LLM setup as a backup — not just for experimentation and fun.

My daily (remote) LLM stack:

  - Claude Max ($100/mo): My go-to for pair programming. Heavy user of both the Claude web and desktop clients.

  - Windsurf Pro ($15/mo): Love the multi-line autocomplete and how it uses clipboard/context awareness.

  - ChatGPT Plus ($20/mo): My rubber duck, editor, and ideation partner. I use it for everything except code.

Tools

  - Ollama: for running models locally

  - Aider: Claude-code-style CLI interface

  - VSCode w/ continue.dev extension: local chat & autocomplete

  - Chat: llama3.1:latest

  - Autocomplete: Qwen2.5 Coder 1.5B

  - Coding/Editing: deepseek-coder-v2:16b

  - CPU/Memory (running on an M1 MacBook)

  - Cost (within reason)

  - Data privacy / being trained on (not trying to start a philosophical debate here)

  - Actual usefulness (i.e. “vibes”)

  - Ease of use (tools that fit with my muscle memory)

  - Correctness (not benchmarks)

  - Latency & speed

---

Who I am

  - CTO of a small startup (5 amazing engineers)

  - 20 years of coding (since I was 13)

  - Ex-big tech

If you have the Notion Desktop App installed, you may have started to notice a "In a meeting? Start AI Meeting Notes" notification pop up exactly when you are joining a virtual meeting (e.g. joining a Google Meet on Firefox).

At first, I assumed it must have been using my Google Workspace account to snoop on my calendar. But then I started to notice it would notify exactly when I joined even if I was late and the meeting had previously started.

This was the response from Notion Support after they worked with the Notion Engineering team.

> Meeting Detection Architecture:

> - The system uses a sophisticated dual-detection approach: microphone monitoring combined with network port analysis

> - Detection is implemented separately for macOS and Windows at the native operating system level

I've uninstalled the Notion Desktop App...

I just got banned by Immunefi for reporting a real replay attack on LayerZero V2.

I discovered that lzReceive() allows infinite replays of valid cross-chain messages, due to the lack of guid tracking. This results in repeated token crediting — a critical flaw.

My PoC used real deployed contracts, no forged data. The vulnerability is 100% reproducible.

Instead of investigating, Immunefi rejected my report without a technical rebuttal — and banned me for "complexity poaching".

Full Story: https://medium.com/@tangouvitch/immunefi-banned-me-for-reporting-a-real-replay-attack-in-layerzero-v2-71d5ee0ff102

Do you think this is a valid bug? Was the ban justified? Should Immunefi be held accountable?

Curious to hear what the Ethereum community thinks.

I'm a full-stack developer, .NET and React are my specialty. I've gotten really interested in lower level projects currently, especially the Linux development and embedded design.

I have multiple smaller Pico projects under my belt, but I understand that does not correlate 100% with the embedded field. Personally, from my perspective, it would feel like the equivalent to someone building a static HTML site and applying for a full-stack position, but I don't know how to fix that.

The Web Dev field and Embedded field feel extremely different, so I have the fear that with the current job market, even if I commit fully to ensuring my personal portfolio shows a lot of embedded programming, that I won't be trusted for professional projects.

Soham Parekh is all the rage on Twitter right now with a bunch of startups coming out of the woodwork saying they either had currently employed him or had in the past.

Serious question: why aren't so many startups hiring processes filtering out a candidate who is scamming/working multiple jobs?

I would very much like to enjoy HN the way I did years ago, as a place where I'd discover things that I never otherwise would have come across.

The increasing AI/LLM domination of the site has made it much less appealing to me.

Over the years, copywriting, SEO, and other factors have made it increasingly difficult to find quality material on the internet. It takes more effort than ever to find what you're looking for.

When I need to learn about a new topic, I usually search for scientific articles. A few years ago, I discovered that I often got good results by searching for "KEYWORD PDF," as this led to static PDF files that aren't easily changed. Very often, they are written by academics or produced by government agencies.

Lately, however, I've gotten the feeling that the results more and more often lead to "zombie sites" that just redirect to ads and other junk.

BEP 46 was published years ago. Since then, plenty of articles have talked about what a great thing mutable torrents would be; and people have indicated that libtorrent supports them. When I look around, though, I can't find any mention of them in the documentation for major Bittorrent clients; and the proofs of concept, at least five years old, will require a bit of detective work to satisfy `npm install`. So, is that where things stand? A BEP, some musing that it would be cool, and broken code? Are there tools that work? If so, where?

Our PM asked about adding more analytics, but most tools feel like surveillance. We’re testing out a light board analytics view in monday dev that surfaces trends without tracking individual activity. Any better approaches or we are with the best one in the market? HELPPP

OpenAI posted this cryptic GIF[1] in their Discord announcements channel. Are they acquiring Cursor?

[1] https://i.imgur.com/My4Vny3.gif

On July 25th the UK government will start enforcing ID checks to access porn sites. Any site which allows UK residents to connect to is forced to comply, or face major fines. Ofcom, the regulator, has ordered both large (like Reddit which no longer allows anonymous access to NSFW subreddits in the UK) and niche sites (Certain dating apps, grindr, etc) to comply. Somewhat interestingly this law only effects "user-to-user" content instead of all porn sites. Additionally US courts now uphold state ID laws https://news.ycombinator.com/item?id=44397799 and the EU is planning to roll out ID verification infrastructure aswell.

Even if you could not care less, or hate porn, you can clearly see the direction the first world is going in. The aforementioned US ruling already includes anything sexual, even text, naturally including LGBT topics and sex education. Is there anything we can do to combat this and hold out the open internet a little longer?

The best I can think of is a neocities but for tor, making it easy to transition some useful content to somewhere with less prying eyes. I am also dismayed about the lack of coverage on this issue, a few years ago when states started rolling out ID verification it was news worthy, even in other countries. Now not even a blip on the radar, its somewhat surreal.

Is there still a demand of carpool as there are no apps that competes with Blablacar globally in their recent round company was valued over 3 Billion. What would we an ideal carpool app that can solve long distance travel problems?

IT has always been a fast-moving field, but the current AI craze seems to produce new tech/results/apps across the whole stack at an ever-increasing pace.

What are some of your strategies to stay in the loop?

I’m currently testing this. One customer is already paying $2,500/month for development services. I’m wondering if I should provide my freelance services this way.

Like with DesignJoy, only one active task at a time. We use GitHub to manage almost everything. CI/CD is configured so deployment is a breeze. Each issue is a task. We use GitHub projects (kanban-style board) to manage the backlog and task stages (todo, in-progress, done). Big projects are broken into milestones and stages; each milestone or stage corresponds to one month of work.

Another benefit I see is that the costs is clear to the customer; he can budget properly and may pause things as needed. I also don’t need to spend time preparing estimates/quotes (which I’m not good at, and I don’t enjoy doing).

I find this works well for people looking to build MVPs or small to medium web applications. There are no long-term contracts or strict project scopes.

What do you think? Any feedback and discussion is welcome.

via email:

Thank you for being a Nest Aware subscriber. We wanted to let you know that the price of your Nest Aware Plus subscription ... will soon increase from $150 a year to $200 a year (plus applicable taxes).

This new price will go into effect on your first bill that occurs on or after August 15, 2025...

https://support.google.com/googlenest/answer/13856600

# Show HN: AIHint — an open standard for signed, verifiable metadata readable by AI on the web

AI, bots, and intelligent agents crawl the web at lightning speed. Yet, they often can’t know if a page is trustworthy, what it exactly contains, or if they have the rights to use it.

AIHint is an open standard allowing website creators to add a signed JSON file that clearly describes the content, provenance, license, and validity of a webpage.

This standard aims to: - Boost AI trust in web sources - Improve transparency for everyone (humans and machines) - Help AI respect copyright and usage policies

Fully open source with full docs: https://standard.aihint.org Official AIHint issuance platform: https://aihint.org GitHub repo: https://github.com/aihint/standard

We’re looking for feedback, testers, and contributors passionate about a more ethical and AI-readable web.

Thanks for trying it out, commenting, and sharing!

---

# Discussions, questions, and feedback warmly welcome.

I am looking to find a course or series of videos to learn how to create and design things to be printed by a 3D printer. At least for me, this seems to be very complex. Something like solidworks takes the already unintuitive and nature of photoshop and adds an additional dimension. There are many tools and hotkeys and principles that are quite difficult to simply learn by picking it up and messing around. I would like to find a course that explains how to use modeling software to design 3D objects. It is a bit overwhelming when you don't know what you don't know. There are many different software tools and of course once you are within a tools "ecosystem" there are many buttons, knobs and principles to learn.

Tl;dr Are there any good video or written courses that help a beginner get to an intermediate level of 3d modeling for a 3D printer?

Specific to me: I own a Bambu PS1 and a year long subscription to Coursera.

Just received by email. Doesn't seem to be anything public yet

---

We hope this message finds you well. We're writing to share some important news about Humanloop's future and what it means for you as a valued member of our community.

Our news

We're pleased to announce that Humanloop has entered into a process to be acquired. However, as part of this process, we’ve made the very difficult decision to sunset the current Humanloop platform. We’re planning the sunset for September 8th, 2025—after this date our UI and API will no longer be available. Although the acquisition is yet to be formally announced, we’re reaching out now to give you as much notice as possible and minimise disruption.

You have been an integral part of our journey and we acknowledge that this news may come as a surprise and will likely disrupt your current projects and workflows that use Humanloop. We're committed to supporting you through this transition period as best we can.

Exporting your data

We want to ensure you have full access to your data, so we've prepared some tooling to help you export your data easily via our existing API endpoints. For organizations with extremely high log volumes, we can explore working with you on a tailored export solution. Soon after we sunset the platform, all customer data will be removed from our servers and backups—please begin migrating your data as soon as possible.

Our team will remain available through to September 8th to assist with data export and answer any questions about alternative solutions.

Thank you

Thank you for being such an important part of the Humanloop story. We're extremely grateful for the trust you've placed in us and are incredibly proud of what we’ve built with your support. Together, we’ve helped define industry standards for this new AI tooling layer of prompt management, evaluations and observability. Your feedback, collaboration and support have been a cornerstone for everything we've built and accomplished.

We're committed to making this transition as smooth as possible, so please don't hesitate to reach out for help. We’re excited to share more details soon about what’s next for us and what it means for the future of our mission.

Sincerely,

The Humanloop Team

We’ve had this happen with Trello and Jira- cards pile up, no one moves anything. Tried simplifying our board setup in monday dev recently and saw some improvement, but would love to learn from others.